How All Events Do Conspire Against Us

The first MacGuyver-esque cell phone microscope is here! Though not the first iteration of such technologies, this is the first that literally anyone can assemble: all you need is about $20 worth of rubber bands, tape, and a small glass ball, and voilà! you can image blood cells!

This type of laboratory-grade technology available on consumer products platforms could truly globalize medical science. The article mentions being able to transmit a sample to a pathologist in a lab halfway ’round the world and get an accurate diagnosis sent back to the site in real time. Basically, it’s one step closer to having tricorders, and that is a development that would be good for everybody.

Well, now that Colbert’s brought it up, I feel that it’s time to talk about the most intriguing development in cyberspace: the mysterious Stuxnet worm. Because I’m too cheap to add the upgrade which would allow me to post this video directly, you can watch the whole interview at the Colbert Nation. It gives a good basic primer on what Stuxnet does, and you should check out this article on Symantec if you want a more technical explanation. Whatever your level of interest in the nitty-gritty, you cannot deny that this is a very, very cool tactic.

That being said, however, Stuxnet has are some very serious implications for international security and the evolving concept of cyber warfare. David Albright of the Institute for Science and International Security:

ALBRIGHT: “They destroyed 1,000 centrifuges in Natanz through Stuxnet. The Iranians didn’t act like it was an act of war; but if they destroyed 8,000, it could’ve been seen as an act of war.”

As The Economist notes, there are limitations to this type of attack, but in the future such attacks could be construed as an act of overt war, possibly leading to actual armed conflict. Why could it be considered an act of war? Because it does real damage.

AMANPOUR: “Is it an act of war? And what is the consequence? Where is the other shoe?”

ALBRIGHT: “First shot was Stuxnet. What’s the second shot? I mean, what are the Iranians gonna do? Are they gonna launch a cyberattack against us? Very vulnerable. We have a lot of industrial facilities that are not well protected that could be attacked in some kind of cyberattack by a country like Iran. So, before I think we go down this path, I do think we need to discuss it. Figure out is this the best way forward. It may be. It may be this is better than any military strike. No one died. And maybe it makes sense to go this way. But we may get attacked, too. And we need to think about that.”

In my mind, this raises several important questions: First, at what point does an attack such as this fall into the realm of “warfare”? Does it depend on the target? Does it depend on the progenitor (e.g., a state versus a group of hackers)? Does it depend on the amount of “damage”? Second, how do you deal with the problem of attribution? Since cyberattacks are difficult to trace and can potentially come from multiple sources, holding a particular government or group responsible can be difficult. As Ben O’Loughlin at Duck of Minerva puts it: “Who has the technical expertise, political will and diplomatic savvy to draw up laws for a world of crowdsourced armies and weaponized software?” Finally, what are the terms of escalation? At what point does one respond to a cyberattack with a conventional attack?

These are questions which military doctrines must address. Although by no means comprehensive, they do at least provide a starting point for thinking about a new age of cyber warfare.